0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #44234 from thaJeztah/resolvconf_refactor_step1

Browse source 
libnetwork/resolvconf: some cleaning up and optimisations
This commit is contained in:
Sebastiaan van Stijn 2023-04-27 01:22:40 +02:00 committed by GitHub
commit 31bf00d3ec
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 470 additions and 359 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

38
libnetwork/resolvconf/resolvconf.go
View file

@ -88,7 +88,7 @@ var (
// File contains the resolv.conf content and its hash
type File struct {
Content []byte
Hash string
Hash []byte
}
// Get returns the contents of /etc/resolv.conf and its hash
@ -102,11 +102,7 @@ func GetSpecific(path string) (*File, error) {
if err != nil {
return nil, err
}
hash, err := hashData(bytes.NewReader(resolv))
if err != nil {
return nil, err
}
return &File{Content: resolv, Hash: hash}, nil
return &File{Content: resolv, Hash: hashData(resolv)}, nil
}
// FilterResolvDNS cleans up the config in resolvConf. It has two main jobs:
@ -132,11 +128,7 @@ func FilterResolvDNS(resolvConf []byte, ipv6Enabled bool) (*File, error) {
}
cleanedResolvConf = append(cleanedResolvConf, []byte("\n"+strings.Join(dns, "\n"))...)
}
hash, err := hashData(bytes.NewReader(cleanedResolvConf))
if err != nil {
return nil, err
}
return &File{Content: cleanedResolvConf, Hash: hash}, nil
return &File{Content: cleanedResolvConf, Hash: hashData(cleanedResolvConf)}, nil
}
// getLines parses input into lines and strips away comments.
@ -156,7 +148,7 @@ func getLines(input []byte, commentMarker []byte) [][]byte {
// GetNameservers returns nameservers (if any) listed in /etc/resolv.conf
func GetNameservers(resolvConf []byte, kind int) []string {
nameservers := []string{}
var nameservers []string
for _, line := range getLines(resolvConf, []byte("#")) {
var ns [][]byte
if kind == IP {
@ -177,7 +169,7 @@ func GetNameservers(resolvConf []byte, kind int) []string {
// /etc/resolv.conf as CIDR blocks (e.g., "1.2.3.4/32")
// This function's output is intended for net.ParseCIDR
func GetNameserversAsCIDR(resolvConf []byte) []string {
nameservers := []string{}
var nameservers []string
for _, nameserver := range GetNameservers(resolvConf, IP) {
var address string
// If IPv6, strip zone if present
@ -195,7 +187,7 @@ func GetNameserversAsCIDR(resolvConf []byte) []string {
// If more than one search line is encountered, only the contents of the last
// one is returned.
func GetSearchDomains(resolvConf []byte) []string {
domains := []string{}
var domains []string
for _, line := range getLines(resolvConf, []byte("#")) {
match := searchRegexp.FindSubmatch(line)
if match == nil {
@ -210,7 +202,7 @@ func GetSearchDomains(resolvConf []byte) []string {
// If more than one options line is encountered, only the contents of the last
// one is returned.
func GetOptions(resolvConf []byte) []string {
options := []string{}
var options []string
for _, line := range getLines(resolvConf, []byte("#")) {
match := optionsRegexp.FindSubmatch(line)
if match == nil {
@ -221,10 +213,11 @@ func GetOptions(resolvConf []byte) []string {
return options
}
// Build writes a configuration file to path containing a "nameserver" entry
// for every element in dns, a "search" entry for every element in
// dnsSearch, and an "options" entry for every element in dnsOptions.
func Build(path string, dns, dnsSearch, dnsOptions []string) (*File, error) {
// Build generates and writes a configuration file to path containing a nameserver
// entry for every element in nameservers, a "search" entry for every element in
// dnsSearch, and an "options" entry for every element in dnsOptions. It returns
// a File containing the generated content and its (sha256) hash.
func Build(path string, nameservers, dnsSearch, dnsOptions []string) (*File, error) {
content := bytes.NewBuffer(nil)
if len(dnsSearch) > 0 {
if searchString := strings.Join(dnsSearch, " "); strings.Trim(searchString, " ") != "." {
@ -233,7 +226,7 @@ func Build(path string, dns, dnsSearch, dnsOptions []string) (*File, error) {
}
}
}
for _, dns := range dns {
for _, dns := range nameservers {
if _, err := content.WriteString("nameserver " + dns + "\n"); err != nil {
return nil, err
}
@ -246,10 +239,9 @@ func Build(path string, dns, dnsSearch, dnsOptions []string) (*File, error) {
}
}
hash, err := hashData(bytes.NewReader(content.Bytes()))
if err != nil {
if err := os.WriteFile(path, content.Bytes(), 0o644); err != nil {
return nil, err
}
return &File{Content: content.Bytes(), Hash: hash}, os.WriteFile(path, content.Bytes(), 0644)
return &File{Content: content.Bytes(), Hash: hashData(content.Bytes())}, nil
}

303
libnetwork/resolvconf/resolvconf_linux_test.go
View file

@ -1,303 +0,0 @@
package resolvconf
import (
"bytes"
"os"
"testing"
)
func TestGet(t *testing.T) {
resolvConfUtils, err := Get()
if err != nil {
t.Fatal(err)
}
resolvConfSystem, err := os.ReadFile("/etc/resolv.conf")
if err != nil {
t.Fatal(err)
}
if string(resolvConfUtils.Content) != string(resolvConfSystem) {
t.Fatalf("/etc/resolv.conf and GetResolvConf have different content.")
}
hashSystem, err := hashData(bytes.NewReader(resolvConfSystem))
if err != nil {
t.Fatal(err)
}
if resolvConfUtils.Hash != hashSystem {
t.Fatalf("/etc/resolv.conf and GetResolvConf have different hashes.")
}
}
func TestGetNameservers(t *testing.T) {
for resolv, result := range map[string][]string{`
nameserver 1.2.3.4
nameserver 40.3.200.10
search example.com`: {"1.2.3.4", "40.3.200.10"},
`search example.com`: {},
`nameserver 1.2.3.4
search example.com
nameserver 4.30.20.100`: {"1.2.3.4", "4.30.20.100"},
``: {},
` nameserver 1.2.3.4 `: {"1.2.3.4"},
`search example.com
nameserver 1.2.3.4
#nameserver 4.3.2.1`: {"1.2.3.4"},
`search example.com
nameserver 1.2.3.4 # not 4.3.2.1`: {"1.2.3.4"},
} {
test := GetNameservers([]byte(resolv), IP)
if !strSlicesEqual(test, result) {
t.Fatalf("Wrong nameserver string {%s} should be %v. Input: %s", test, result, resolv)
}
}
}
func TestGetNameserversAsCIDR(t *testing.T) {
for resolv, result := range map[string][]string{`
nameserver 1.2.3.4
nameserver 40.3.200.10
search example.com`: {"1.2.3.4/32", "40.3.200.10/32"},
`search example.com`: {},
`nameserver 1.2.3.4
search example.com
nameserver 4.30.20.100`: {"1.2.3.4/32", "4.30.20.100/32"},
``: {},
` nameserver 1.2.3.4 `: {"1.2.3.4/32"},
`search example.com
nameserver 1.2.3.4
#nameserver 4.3.2.1`: {"1.2.3.4/32"},
`search example.com
nameserver 1.2.3.4 # not 4.3.2.1`: {"1.2.3.4/32"},
} {
test := GetNameserversAsCIDR([]byte(resolv))
if !strSlicesEqual(test, result) {
t.Fatalf("Wrong nameserver string {%s} should be %v. Input: %s", test, result, resolv)
}
}
}
func TestGetSearchDomains(t *testing.T) {
for resolv, result := range map[string][]string{
`search example.com`: {"example.com"},
`search example.com # ignored`: {"example.com"},
` search example.com `: {"example.com"},
` search example.com # ignored`: {"example.com"},
`search foo.example.com example.com`: {"foo.example.com", "example.com"},
` search foo.example.com example.com `: {"foo.example.com", "example.com"},
` search foo.example.com example.com # ignored`: {"foo.example.com", "example.com"},
``: {},
`# ignored`: {},
`nameserver 1.2.3.4
search foo.example.com example.com`: {"foo.example.com", "example.com"},
`nameserver 1.2.3.4
search dup1.example.com dup2.example.com
search foo.example.com example.com`: {"foo.example.com", "example.com"},
`nameserver 1.2.3.4
search foo.example.com example.com
nameserver 4.30.20.100`: {"foo.example.com", "example.com"},
} {
test := GetSearchDomains([]byte(resolv))
if !strSlicesEqual(test, result) {
t.Fatalf("Wrong search domain string {%s} should be %v. Input: %s", test, result, resolv)
}
}
}
func TestGetOptions(t *testing.T) {
for resolv, result := range map[string][]string{
`options opt1`: {"opt1"},
`options opt1 # ignored`: {"opt1"},
` options opt1 `: {"opt1"},
` options opt1 # ignored`: {"opt1"},
`options opt1 opt2 opt3`: {"opt1", "opt2", "opt3"},
`options opt1 opt2 opt3 # ignored`: {"opt1", "opt2", "opt3"},
` options opt1 opt2 opt3 `: {"opt1", "opt2", "opt3"},
` options opt1 opt2 opt3 # ignored`: {"opt1", "opt2", "opt3"},
``: {},
`# ignored`: {},
`nameserver 1.2.3.4`: {},
`nameserver 1.2.3.4
options opt1 opt2 opt3`: {"opt1", "opt2", "opt3"},
`nameserver 1.2.3.4
options opt1 opt2
options opt3 opt4`: {"opt3", "opt4"},
} {
test := GetOptions([]byte(resolv))
if !strSlicesEqual(test, result) {
t.Fatalf("Wrong options string {%s} should be %v. Input: %s", test, result, resolv)
}
}
}
func strSlicesEqual(a, b []string) bool {
if len(a) != len(b) {
return false
}
for i, v := range a {
if v != b[i] {
return false
}
}
return true
}
func TestBuild(t *testing.T) {
file, err := os.CreateTemp("", "")
if err != nil {
t.Fatal(err)
}
defer os.Remove(file.Name())
_, err = Build(file.Name(), []string{"ns1", "ns2", "ns3"}, []string{"search1"}, []string{"opt1"})
if err != nil {
t.Fatal(err)
}
content, err := os.ReadFile(file.Name())
if err != nil {
t.Fatal(err)
}
if expected := "search search1\nnameserver ns1\nnameserver ns2\nnameserver ns3\noptions opt1\n"; !bytes.Contains(content, []byte(expected)) {
t.Fatalf("Expected to find '%s' got '%s'", expected, content)
}
}
func TestBuildWithZeroLengthDomainSearch(t *testing.T) {
file, err := os.CreateTemp("", "")
if err != nil {
t.Fatal(err)
}
defer os.Remove(file.Name())
_, err = Build(file.Name(), []string{"ns1", "ns2", "ns3"}, []string{"."}, []string{"opt1"})
if err != nil {
t.Fatal(err)
}
content, err := os.ReadFile(file.Name())
if err != nil {
t.Fatal(err)
}
if expected := "nameserver ns1\nnameserver ns2\nnameserver ns3\noptions opt1\n"; !bytes.Contains(content, []byte(expected)) {
t.Fatalf("Expected to find '%s' got '%s'", expected, content)
}
if notExpected := "search ."; bytes.Contains(content, []byte(notExpected)) {
t.Fatalf("Expected to not find '%s' got '%s'", notExpected, content)
}
}
func TestBuildWithNoOptions(t *testing.T) {
file, err := os.CreateTemp("", "")
if err != nil {
t.Fatal(err)
}
defer os.Remove(file.Name())
_, err = Build(file.Name(), []string{"ns1", "ns2", "ns3"}, []string{"search1"}, []string{})
if err != nil {
t.Fatal(err)
}
content, err := os.ReadFile(file.Name())
if err != nil {
t.Fatal(err)
}
if expected := "search search1\nnameserver ns1\nnameserver ns2\nnameserver ns3\n"; !bytes.Contains(content, []byte(expected)) {
t.Fatalf("Expected to find '%s' got '%s'", expected, content)
}
if notExpected := "search ."; bytes.Contains(content, []byte(notExpected)) {
t.Fatalf("Expected to not find '%s' got '%s'", notExpected, content)
}
}
func TestFilterResolvDns(t *testing.T) {
ns0 := "nameserver 10.16.60.14\nnameserver 10.16.60.21\n"
if result, _ := FilterResolvDNS([]byte(ns0), false); result != nil {
if ns0 != string(result.Content) {
t.Fatalf("Failed No Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
ns1 := "nameserver 10.16.60.14\nnameserver 10.16.60.21\nnameserver 127.0.0.1\n"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Fatalf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
ns1 = "nameserver 10.16.60.14\nnameserver 127.0.0.1\nnameserver 10.16.60.21\n"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Fatalf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
ns1 = "nameserver 127.0.1.1\nnameserver 10.16.60.14\nnameserver 10.16.60.21\n"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Fatalf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
ns1 = "nameserver ::1\nnameserver 10.16.60.14\nnameserver 127.0.2.1\nnameserver 10.16.60.21\n"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Fatalf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
ns1 = "nameserver 10.16.60.14\nnameserver ::1\nnameserver 10.16.60.21\nnameserver ::1"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Fatalf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
// with IPv6 disabled (false param), the IPv6 nameserver should be removed
ns1 = "nameserver 10.16.60.14\nnameserver 2002:dead:beef::1\nnameserver 10.16.60.21\nnameserver ::1"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Fatalf("Failed Localhost+IPv6 off: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
// with IPv6 disabled (false param), the IPv6 link-local nameserver with zone ID should be removed
ns1 = "nameserver 10.16.60.14\nnameserver FE80::BB1%1\nnameserver FE80::BB1%eth0\nnameserver 10.16.60.21\n"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Fatalf("Failed Localhost+IPv6 off: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
// with IPv6 enabled, the IPv6 nameserver should be preserved
ns0 = "nameserver 10.16.60.14\nnameserver 2002:dead:beef::1\nnameserver 10.16.60.21\n"
ns1 = "nameserver 10.16.60.14\nnameserver 2002:dead:beef::1\nnameserver 10.16.60.21\nnameserver ::1"
if result, _ := FilterResolvDNS([]byte(ns1), true); result != nil {
if ns0 != string(result.Content) {
t.Fatalf("Failed Localhost+IPv6 on: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
// with IPv6 enabled, and no non-localhost servers, Google defaults (both IPv4+IPv6) should be added
ns0 = "\nnameserver 8.8.8.8\nnameserver 8.8.4.4\nnameserver 2001:4860:4860::8888\nnameserver 2001:4860:4860::8844"
ns1 = "nameserver 127.0.0.1\nnameserver ::1\nnameserver 127.0.2.1"
if result, _ := FilterResolvDNS([]byte(ns1), true); result != nil {
if ns0 != string(result.Content) {
t.Fatalf("Failed no Localhost+IPv6 enabled: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
// with IPv6 disabled, and no non-localhost servers, Google defaults (only IPv4) should be added
ns0 = "\nnameserver 8.8.8.8\nnameserver 8.8.4.4"
ns1 = "nameserver 127.0.0.1\nnameserver ::1\nnameserver 127.0.2.1"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Fatalf("Failed no Localhost+IPv6 enabled: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
}

427
libnetwork/resolvconf/resolvconf_unix_test.go Normal file
View file

@ -0,0 +1,427 @@
//go:build !windows
// +build !windows
package resolvconf
import (
"bytes"
"os"
"testing"
)
func TestGet(t *testing.T) {
actual, err := Get()
if err != nil {
t.Fatal(err)
}
expected, err := os.ReadFile(Path())
if err != nil {
t.Fatal(err)
}
if !bytes.Equal(actual.Content, expected) {
t.Errorf("%s and GetResolvConf have different content.", Path())
}
if !bytes.Equal(actual.Hash, hashData(expected)) {
t.Errorf("%s and GetResolvConf have different hashes.", Path())
}
}
func TestGetNameservers(t *testing.T) {
for _, tc := range []struct {
input string
result []string
}{
{
input: ``,
},
{
input: `search example.com`,
},
{
input: ` nameserver 1.2.3.4 `,
result: []string{"1.2.3.4"},
},
{
input: `
nameserver 1.2.3.4
nameserver 40.3.200.10
search example.com`,
result: []string{"1.2.3.4", "40.3.200.10"},
},
{
input: `nameserver 1.2.3.4
search example.com
nameserver 4.30.20.100`,
result: []string{"1.2.3.4", "4.30.20.100"},
},
{
input: `search example.com
nameserver 1.2.3.4
#nameserver 4.3.2.1`,
result: []string{"1.2.3.4"},
},
{
input: `search example.com
nameserver 1.2.3.4 # not 4.3.2.1`,
result: []string{"1.2.3.4"},
},
} {
test := GetNameservers([]byte(tc.input), IP)
if !strSlicesEqual(test, tc.result) {
t.Errorf("Wrong nameserver string {%s} should be %v. Input: %s", test, tc.result, tc.input)
}
}
}
func TestGetNameserversAsCIDR(t *testing.T) {
for _, tc := range []struct {
input string
result []string
}{
{
input: ``,
},
{
input: `search example.com`,
},
{
input: ` nameserver 1.2.3.4 `,
result: []string{"1.2.3.4/32"},
},
{
input: `
nameserver 1.2.3.4
nameserver 40.3.200.10
search example.com`,
result: []string{"1.2.3.4/32", "40.3.200.10/32"},
},
{
input: `nameserver 1.2.3.4
search example.com
nameserver 4.30.20.100`,
result: []string{"1.2.3.4/32", "4.30.20.100/32"},
},
{
input: `search example.com
nameserver 1.2.3.4
#nameserver 4.3.2.1`,
result: []string{"1.2.3.4/32"},
},
{
input: `search example.com
nameserver 1.2.3.4 # not 4.3.2.1`,
result: []string{"1.2.3.4/32"},
},
} {
test := GetNameserversAsCIDR([]byte(tc.input))
if !strSlicesEqual(test, tc.result) {
t.Errorf("Wrong nameserver string {%s} should be %v. Input: %s", test, tc.result, tc.input)
}
}
}
func TestGetSearchDomains(t *testing.T) {
for _, tc := range []struct {
input string
result []string
}{
{
input: ``,
},
{
input: `# ignored`,
},
{
input: `search example.com`,
result: []string{"example.com"},
},
{
input: `search example.com # ignored`,
result: []string{"example.com"},
},
{
input: ` search example.com `,
result: []string{"example.com"},
},
{
input: ` search example.com # ignored`,
result: []string{"example.com"},
},
{
input: `search foo.example.com example.com`,
result: []string{"foo.example.com", "example.com"},
},
{
input: ` search foo.example.com example.com `,
result: []string{"foo.example.com", "example.com"},
},
{
input: ` search foo.example.com example.com # ignored`,
result: []string{"foo.example.com", "example.com"},
},
{
input: `nameserver 1.2.3.4
search foo.example.com example.com`,
result: []string{"foo.example.com", "example.com"},
},
{
input: `nameserver 1.2.3.4
search dup1.example.com dup2.example.com
search foo.example.com example.com`,
result: []string{"foo.example.com", "example.com"},
},
{
input: `nameserver 1.2.3.4
search foo.example.com example.com
nameserver 4.30.20.100`,
result: []string{"foo.example.com", "example.com"},
},
} {
test := GetSearchDomains([]byte(tc.input))
if !strSlicesEqual(test, tc.result) {
t.Errorf("Wrong search domain string {%s} should be %v. Input: %s", test, tc.result, tc.input)
}
}
}
func TestGetOptions(t *testing.T) {
for _, tc := range []struct {
input string
result []string
}{
{
input: ``,
},
{
input: `# ignored`,
},
{
input: `nameserver 1.2.3.4`,
},
{
input: `options opt1`,
result: []string{"opt1"},
},
{
input: `options opt1 # ignored`,
result: []string{"opt1"},
},
{
input: ` options opt1 `,
result: []string{"opt1"},
},
{
input: ` options opt1 # ignored`,
result: []string{"opt1"},
},
{
input: `options opt1 opt2 opt3`,
result: []string{"opt1", "opt2", "opt3"},
},
{
input: `options opt1 opt2 opt3 # ignored`,
result: []string{"opt1", "opt2", "opt3"},
},
{
input: ` options opt1 opt2 opt3 `,
result: []string{"opt1", "opt2", "opt3"},
},
{
input: ` options opt1 opt2 opt3 # ignored`,
result: []string{"opt1", "opt2", "opt3"},
},
{
input: `nameserver 1.2.3.4
options opt1 opt2 opt3`,
result: []string{"opt1", "opt2", "opt3"},
},
{
input: `nameserver 1.2.3.4
options opt1 opt2
options opt3 opt4`,
result: []string{"opt3", "opt4"},
},
} {
test := GetOptions([]byte(tc.input))
if !strSlicesEqual(test, tc.result) {
t.Errorf("Wrong options string {%s} should be %v. Input: %s", test, tc.result, tc.input)
}
}
}
func strSlicesEqual(a, b []string) bool {
if len(a) != len(b) {
return false
}
for i, v := range a {
if v != b[i] {
return false
}
}
return true
}
func TestBuild(t *testing.T) {
tmpDir := t.TempDir()
file, err := os.CreateTemp(tmpDir, "")
if err != nil {
t.Fatal(err)
}
f, err := Build(file.Name(), []string{"ns1", "ns2", "ns3"}, []string{"search1"}, []string{"opt1"})
if err != nil {
t.Fatal(err)
}
const expected = "search search1\nnameserver ns1\nnameserver ns2\nnameserver ns3\noptions opt1\n"
if !bytes.Equal(f.Content, []byte(expected)) {
t.Errorf("Expected to find '%s' got '%s'", expected, f.Content)
}
content, err := os.ReadFile(file.Name())
if err != nil {
t.Fatal(err)
}
if !bytes.Equal(content, []byte(expected)) {
t.Errorf("Expected to find '%s' got '%s'", expected, content)
}
}
func TestBuildWithZeroLengthDomainSearch(t *testing.T) {
tmpDir := t.TempDir()
file, err := os.CreateTemp(tmpDir, "")
if err != nil {
t.Fatal(err)
}
f, err := Build(file.Name(), []string{"ns1", "ns2", "ns3"}, []string{"."}, []string{"opt1"})
if err != nil {
t.Fatal(err)
}
const expected = "nameserver ns1\nnameserver ns2\nnameserver ns3\noptions opt1\n"
if !bytes.Equal(f.Content, []byte(expected)) {
t.Errorf("Expected to find '%s' got '%s'", expected, f.Content)
}
content, err := os.ReadFile(file.Name())
if err != nil {
t.Fatal(err)
}
if !bytes.Equal(content, []byte(expected)) {
t.Errorf("Expected to find '%s' got '%s'", expected, content)
}
}
func TestBuildWithNoOptions(t *testing.T) {
tmpDir := t.TempDir()
file, err := os.CreateTemp(tmpDir, "")
if err != nil {
t.Fatal(err)
}
f, err := Build(file.Name(), []string{"ns1", "ns2", "ns3"}, []string{"search1"}, []string{})
if err != nil {
t.Fatal(err)
}
const expected = "search search1\nnameserver ns1\nnameserver ns2\nnameserver ns3\n"
if !bytes.Equal(f.Content, []byte(expected)) {
t.Errorf("Expected to find '%s' got '%s'", expected, f.Content)
}
content, err := os.ReadFile(file.Name())
if err != nil {
t.Fatal(err)
}
if !bytes.Equal(content, []byte(expected)) {
t.Errorf("Expected to find '%s' got '%s'", expected, content)
}
}
func TestFilterResolvDNS(t *testing.T) {
ns0 := "nameserver 10.16.60.14\nnameserver 10.16.60.21\n"
if result, _ := FilterResolvDNS([]byte(ns0), false); result != nil {
if ns0 != string(result.Content) {
t.Errorf("Failed No Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
ns1 := "nameserver 10.16.60.14\nnameserver 10.16.60.21\nnameserver 127.0.0.1\n"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Errorf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
ns1 = "nameserver 10.16.60.14\nnameserver 127.0.0.1\nnameserver 10.16.60.21\n"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Errorf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
ns1 = "nameserver 127.0.1.1\nnameserver 10.16.60.14\nnameserver 10.16.60.21\n"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Errorf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
ns1 = "nameserver ::1\nnameserver 10.16.60.14\nnameserver 127.0.2.1\nnameserver 10.16.60.21\n"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Errorf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
ns1 = "nameserver 10.16.60.14\nnameserver ::1\nnameserver 10.16.60.21\nnameserver ::1"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Errorf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
// with IPv6 disabled (false param), the IPv6 nameserver should be removed
ns1 = "nameserver 10.16.60.14\nnameserver 2002:dead:beef::1\nnameserver 10.16.60.21\nnameserver ::1"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Errorf("Failed Localhost+IPv6 off: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
// with IPv6 disabled (false param), the IPv6 link-local nameserver with zone ID should be removed
ns1 = "nameserver 10.16.60.14\nnameserver FE80::BB1%1\nnameserver FE80::BB1%eth0\nnameserver 10.16.60.21\n"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Errorf("Failed Localhost+IPv6 off: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
// with IPv6 enabled, the IPv6 nameserver should be preserved
ns0 = "nameserver 10.16.60.14\nnameserver 2002:dead:beef::1\nnameserver 10.16.60.21\n"
ns1 = "nameserver 10.16.60.14\nnameserver 2002:dead:beef::1\nnameserver 10.16.60.21\nnameserver ::1"
if result, _ := FilterResolvDNS([]byte(ns1), true); result != nil {
if ns0 != string(result.Content) {
t.Errorf("Failed Localhost+IPv6 on: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
// with IPv6 enabled, and no non-localhost servers, Google defaults (both IPv4+IPv6) should be added
ns0 = "\nnameserver 8.8.8.8\nnameserver 8.8.4.4\nnameserver 2001:4860:4860::8888\nnameserver 2001:4860:4860::8844"
ns1 = "nameserver 127.0.0.1\nnameserver ::1\nnameserver 127.0.2.1"
if result, _ := FilterResolvDNS([]byte(ns1), true); result != nil {
if ns0 != string(result.Content) {
t.Errorf("Failed no Localhost+IPv6 enabled: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
// with IPv6 disabled, and no non-localhost servers, Google defaults (only IPv4) should be added
ns0 = "\nnameserver 8.8.8.8\nnameserver 8.8.4.4"
ns1 = "nameserver 127.0.0.1\nnameserver ::1\nnameserver 127.0.2.1"
if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
if ns0 != string(result.Content) {
t.Errorf("Failed no Localhost+IPv6 enabled: expected \n<%s> got \n<%s>", ns0, string(result.Content))
}
}
}

14
libnetwork/resolvconf/utils.go
View file

@ -3,14 +3,12 @@ package resolvconf
import (
"crypto/sha256"
"encoding/hex"
"io"
)
// hashData returns the sha256 sum of src.
func hashData(src io.Reader) (string, error) {
h := sha256.New()
if _, err := io.Copy(h, src); err != nil {
return "", err
}
return "sha256:" + hex.EncodeToString(h.Sum(nil)), nil
// hashData returns the sha256 sum of data.
func hashData(data []byte) []byte {
f := sha256.Sum256(data)
out := make([]byte, 2*sha256.Size)
hex.Encode(out, f[:])
return append([]byte("sha256:"), out...)
}

21
libnetwork/resolvconf/utils_test.go
View file

@ -1,18 +1,21 @@
package resolvconf
import (
"strings"
"bytes"
"testing"
)
func TestHashData(t *testing.T) {
reader := strings.NewReader("hash-me")
actual, err := hashData(reader)
if err != nil {
t.Fatal(err)
}
expected := "sha256:4d11186aed035cc624d553e10db358492c84a7cd6b9670d92123c144930450aa"
if actual != expected {
t.Fatalf("Expecting %s, got %s", expected, actual)
const expected = "sha256:4d11186aed035cc624d553e10db358492c84a7cd6b9670d92123c144930450aa"
if actual := hashData([]byte("hash-me")); !bytes.Equal(actual, []byte(expected)) {
t.Fatalf("Expecting %s, got %s", expected, string(actual))
}
}
func BenchmarkHashData(b *testing.B) {
b.ReportAllocs()
data := []byte("hash-me")
for i := 0; i < b.N; i++ {
_ = hashData(data)
}
}

26
libnetwork/sandbox_dns_unix.go
View file

@ -4,6 +4,7 @@
package libnetwork
import (
"bytes"
"fmt"
"net"
"os"
@ -279,7 +280,8 @@ func (sb *Sandbox) setupDNS() error {
}
// Write hash
if err := os.WriteFile(sb.config.resolvConfHashFile, []byte(newRC.Hash), filePerm); err != nil {
err = os.WriteFile(sb.config.resolvConfHashFile, newRC.Hash, filePerm)
if err != nil {
return types.InternalErrorf("failed to write resolv.conf hash file when setting up dns for sandbox %s: %v", sb.ID(), err)
}
@ -287,11 +289,6 @@ func (sb *Sandbox) setupDNS() error {
}
func (sb *Sandbox) updateDNS(ipv6Enabled bool) error {
var (
currHash string
hashFile = sb.config.resolvConfHashFile
)
// This is for the host mode networking
if sb.config.useDefaultSandBox {
return nil
@ -301,23 +298,20 @@ func (sb *Sandbox) updateDNS(ipv6Enabled bool) error {
return nil
}
var currHash []byte
currRC, err := resolvconf.GetSpecific(sb.config.resolvConfPath)
if err != nil {
if !os.IsNotExist(err) {
return err
}
} else {
h, err := os.ReadFile(hashFile)
if err != nil {
if !os.IsNotExist(err) {
return err
}
} else {
currHash = string(h)
currHash, err = os.ReadFile(sb.config.resolvConfHashFile)
if err != nil && !os.IsNotExist(err) {
return err
}
}
if currHash != "" && currHash != currRC.Hash {
if len(currHash) > 0 && !bytes.Equal(currHash, currRC.Hash) {
// Seems the user has changed the container resolv.conf since the last time
// we checked so return without doing anything.
// logrus.Infof("Skipping update of resolv.conf file with ipv6Enabled: %t because file was touched by user", ipv6Enabled)
@ -344,14 +338,14 @@ func (sb *Sandbox) updateDNS(ipv6Enabled bool) error {
tmpHashFile.Close()
return err
}
_, err = tmpHashFile.Write([]byte(newRC.Hash))
_, err = tmpHashFile.Write(newRC.Hash)
if err1 := tmpHashFile.Close(); err == nil {
err = err1
}
if err != nil {
return err
}
return os.Rename(tmpHashFile.Name(), hashFile)
return os.Rename(tmpHashFile.Name(), sb.config.resolvConfHashFile)
}
// Embedded DNS server has to be enabled for this sandbox. Rebuild the container's